The project was unusually frank in their announcement, writing on Twitter that the hack had "render[ed] the Treasury and the $SKYWARD token effectively worthless... We recommend users to withdraw their funds safely where they can and for the community to no longer interact with Skyward."
Skyward Finance treasury drained of $3.2 million
Skyward Finance is a project based on the NEAR blockchain, aiming to help users with initial token distribution. The project's treasury was drained of 1.1 million NEAR (~$3.2 million) after a hacker discovered a vulnerability in the project's smart contract. Crypto exploit research group Rekt wrote, "The fact that it took over a year for anyone to find this relatively simple exploit is remarkable." and questioned, "Was this incident an honest, albeit simple, mistake? Or a planned ejector seat?"
Iris Energy Bitcoin mining firm close to defaulting on loans of $103 million
Iris Energy, an Australian "sustainable Bitcoin mining company", has announced that they are close to defaulting on loans used to purchase $103 million of Bitcoin mining rigs. These machines depreciate in value quickly, and are currently estimated by the company to be worth $65–$70 million. At the moment, they produce $2 million in gross profit from mining Bitcoin, which is not sufficient for the company to meet the $7 million of loan payments each month.
Oracle attack on Solend costs the project $1.26 million
Solend announced that an exploiter had manipulated the oracle price of an asset on their platform, allowing them to take out a loan that left the platform with $1.26 million in bad debt. They reported that they had paused affected pools, and did not anticipate other pools on the platform were at risk.
Rubic exchange private key compromised, token plummets
An attacker was able to compromise the private key of an admin wallet for the Rubic crypto exchange, transferring around 34 million Rubic tokens. The attacker then sold the tokens on decentralized exchanges Uniswap and PancakeSwap.
The enormous sale caused the token price to plummet from $0.082 to $0.016, an 80% decrease. The stolen tokens were nominally worth almost $2.8 million (priced at the value before the theft), but it's not likely the attackers were able to exchange them for that much given the lack of liquidity to absorb such a huge sale.
Crypto exchange Deribit hacked for $28 million
Major crypto exchange Deribit suffered a hot wallet compromise that resulted in a $28 million theft. The exchange halted withdrawals to perform security checks, but urged that customer funds were safe and that the loss was covered by company reserves.
Deribit is also among the primary creditors of failed crypto hedge fund Three Arrows Capital, which defaulted on an $80 million loan from the exchange.
Founders of Hodlnaut attempt to hide financial records from court
Hodlnaut, a crypto lending platform that halted withdrawals on August 8, has been undergoing court proceedings while it's determined if the insolvent company has a path to stabilization or if they will need to be liquidated. A Singaporean court document shows that the company founders tried to hide financial documents from the court, and that the records that do exist "have not been properly maintained". According to the Interim Judicial Managers, the founders and some other employees were uncooperative, obstructed the advisors' work, and tried to stop them from "taking into possession various key books and records of the Company".
Sounds like everything's above board over there! It was also exposed in August that the company had lied to its users about their exposure to the Terra collapse.
French fry-themed DAO loses $2.3 million due to Profanity exploit
friesDAO describes itself as a "a decentralized social experiment where a crypto community builds and governs a fast food franchise empire via wisdom of the crowd". Welcome to the future.
Anyway, friesDAO seems to have fallen victim to the same Profanity vulnerability that has affected projects who used the tool to generate vanity wallet addresses. friesDAO wanted a wallet address beginning with 51D35 ("SIDES"), and as a result they opened themselves up to a major loss.
The project had previously announced that they had raised $5.4 million in funding, suggesting this attack drained almost half of the project's funds.
Core Scientific Bitcoin mining operator warns of missed payments, possible bankruptcy
One of the largest public crypto mining firms in the United States, Core Scientific, filed a notice with the SEC that they would miss upcoming debt payments due in October and November. They also wrote that the company "potentially could seek relief under the applicable bankruptcy or insolvency laws. In the event of a bankruptcy proceeding or insolvency, or restructuring of our capital structure, holders of the Company's common stock could suffer a total loss of their investment."
Core Scientific blamed their precarious financial situation on "the prolonged decrease in the price of bitcoin, the increase in electricity costs, the increase in the global bitcoin network hash rate and the litigation with Celsius Networks LLC and its affiliates". Bankrupt crypto platform Celsius owes Core Scientific around $5.4 million.
Core Scientific's stock plummeted from around $1 a share to around $0.20 on the news, an 80% decrease. The stock started the year at $10.43 a share, and has decreased in value by 98% year-to-date.
$14.5 million stolen from Team Finance
Team Finance is a project that helps projects lock their tokens to be released after a certain period or on a schedule. A hacker exploited a vulnerability in a smart contract that enabled users of Team Finance to migrate from version two to version three of their project, despite that contract being audited. The attacker made off with $14.5 million thanks to the vulnerability.
Monkey Drainer steals ~$1 million in 24 hours
A phishing scammer called "Monkey Drainer" stole around 700 ETH (~$940,000) in 24 hours on October 25, according to blockchain sleuth zachxbt. The scammer used malicious phishing sites to trick users into signing transactions that then drained cryptocurrencies and NFTs from their wallets. Some individual victims lost crypto valued at hundreds of thousands of dollars, and others lost NFT collections. Zachxbt estimated the total amount solen by Monkey Drainer to be around $3.5 million.